TOR Socksifying (Torification) TCP Connections on Guest Network

A while ago I set up an open hotspot guest network on our Wi-Fi system using OpenWrt that routed all clients on that interface through a VPN in order to keep whatever shenanigans they might get up to on there from giving us trouble with our ISP. That setup was a little complex, having to use additional routing tables and firewall chains to bump onto the extra tables, plus some scripting tweaks. It got me thinking, however: would it be possible to do this with Tor? I know Tor is essentially a local SOCKS proxy that only works with TCP, so to do this I'd have to reject all non-TCP traffic and somehow socksify the TCP traffic to go via the Tor SOCKS server.

Looking through the opkg stuff, there seem to be some potential candidates like Dante Socksify and Shadowsocks. Going to have to do some reading on those packages to see if they're suitable, but was just curious if anyone else has attempted this and what solutions you used?

Unless I am missing something, how are you going to configure all the guests to use the proxy?

1 Like

For me it works with something like

iptables -t nat -A PREROUTING ! -d 192.168.111.1/32 -i br1 -p tcp -m multiport --dports 80,443 -j DNAT --to-destination 192.168.111.1:9040

Where 111.1 is the guest br1 IP and 9040 is the Tor TransPort.

2 Likes

@trendy That's precisely what I'm asking for help with.

@maurer Thanks. Yes, that seems to be the solution. After searching I found this on the Arch site:
https://wiki.archlinux.org/title/tor#Transparent_Torification
Seems to be exactly what I was looking for. Nice one.

1 Like
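The redirect rule from the thread, extended into a full guest rule set, as an added example that is not code from any poster: it covers all TCP ports rather than only 80 and 443, sends guest DNS to Tor, and rejects the non-TCP traffic the first post mentions. The function name `guest_tor_rules` and the DNSPort value 9053 are assumptions; the script only prints the rules.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables rules that send every
# guest TCP connection to Tor's TransPort, guest DNS to Tor's DNSPort, and
# reject everything else arriving on the guest bridge.
# Matching torrc lines (DNSPort 9053 is an assumed value):
#   TransPort 192.168.111.1:9040
#   DNSPort   192.168.111.1:9053

guest_tor_rules() {
    ifc=$1; gw=$2; trans=$3; dns=$4

    # nat: rewrite the destination before the routing decision is made.
    # UDP DNS goes to DNSPort so hostnames are resolved through Tor.
    echo "iptables -t nat -A PREROUTING -i $ifc -p udp --dport 53 -j DNAT --to-destination $gw:$dns"
    # All new TCP connections not addressed to the router go to TransPort
    # (the rule in the thread limits this to ports 80 and 443).
    echo "iptables -t nat -A PREROUTING -i $ifc ! -d $gw/32 -p tcp --syn -j DNAT --to-destination $gw:$trans"

    # filter/INPUT: after DNAT the packets are addressed to the router itself.
    # Allow DHCP and the two Tor listeners, reject anything else from guests.
    echo "iptables -I INPUT 1 -i $ifc -p udp --dport 67 -j ACCEPT"
    echo "iptables -I INPUT 2 -i $ifc -d $gw -p udp --dport $dns -j ACCEPT"
    echo "iptables -I INPUT 3 -i $ifc -d $gw -p tcp --dport $trans -j ACCEPT"
    echo "iptables -I INPUT 4 -i $ifc -j REJECT --reject-with icmp-port-unreachable"

    # filter/FORWARD: nothing from the guest bridge is routed directly, so
    # UDP, ICMP and any TCP that missed the DNAT rule cannot bypass Tor.
    echo "iptables -I FORWARD 1 -i $ifc -j REJECT --reject-with icmp-port-unreachable"
}

# Values from the post above: bridge br1, router 192.168.111.1, TransPort 9040.
guest_tor_rules br1 192.168.111.1 9040 9053
```

Review the printed rules before piping them into `sh` on the router; the example assumes an iptables-based firewall, as used in the thread.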
